﻿using System.IO;
using System.Text.RegularExpressions;
using System.Web;

namespace SecurityModule.Workflows
{
    class WFGetAppAccountChangePassword : SimpleWorkflow
    {
        public WFGetAppAccountChangePassword()
        {
            Verb = "GET";
            Path = "/App/Account/ChangePassword";
        }

        public override void PreProcessImplementation(HttpContext context)
        {
            context.Response.Filter = new ReplaceFilter(context.Response.Filter,
                context.Response.ContentEncoding,
                content =>
                {
                    // the user should trust the sensitve information they provide in this page will never be visible to the app directly, all JS code (except for trusted sources) should be cleaned to prevent potential AJAX calls
                    content = content.RemoveEventsAndScripts();
                    var strengthMether = File.ReadAllText(context.Server.MapPath("~/Scripts/strength-meter.js"));
                    content = content.Replace("</body>", string.Format("<script>{0}\r\n{1}</script></body>", strengthMether, "strengthMeter('#NewPassword', $('#Email').val());"));
                    return content;
                }
            );
        }



        public override void PostProcessImplementation(HttpContext context)
        {

        }
    }
}
